Switching

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.

  • 1.  UDP traceroutes not working

    Posted 07-03-2008 06:57
    I've been digging around for a while now, but have found no answers or mentions of this odd problem.

    Unlike tracert on windows, traceroute on linux uses UDP packets (by default).
    For some reason I cannot traceroute anywhere, from a variety of linux boxes, over any of my EX4200s. Not even the office firewall which is an EX switch and dumb Netgear switch away shows up.
    Yet ICMP traceroutes work fine.

    At the moment all of the switches are basically just dumb switches, with very little configuration over what EZSetup left me with. No firewalling, no routing, just access ports.

    I've confirmed that UDP traffic, in the range of ports traceroute uses, is able to traverse the switches by setting up a bind instances on ports between 33434 and 33534.

    Not sure how well these will come out, but here are 2 examples.

    # time traceroute -n 195.92.195.92
    traceroute to 195.92.195.92 (195.92.195.92), 30 hops max, 38 byte packets
    1 * *

    real 0m13.238s
    user 0m0.000s
    sys 0m0.010s


    # time traceroute -n -I 195.92.195.92
    traceroute to 195.92.195.92 (195.92.195.92), 30 hops max, 38 byte packets
    1 192.168.0.10 0.231 ms 0.153 ms 0.144 ms
    2 82.109.38.201 0.510 ms 0.977 ms 0.600 ms
    3 82.108.10.114 52.495 ms 58.045 ms 66.876 ms
    4 82.111.101.33 50.958 ms 53.727 ms 54.407 ms
    5 195.66.226.43 80.170 ms 60.312 ms 67.814 ms
    6 195.66.226.26 70.856 ms 64.244 ms 76.735 ms
    7 195.92.195.92 88.754 ms 90.742 ms 73.998 ms

    real 0m1.019s
    user 0m0.010s
    sys 0m0.000s


    Can someone suggest where I'm going wrong please?

    Thanks
    Mike


  • 2.  RE: UDP traceroutes not working

    Posted 07-22-2008 05:21

    "At the moment all of the switches are basically just dumb switches, with very little configuration over what EZSetup left me with. No firewalling, no routing, just access ports."

     

    => traceroute "traces" only routers. So you need at least to configure some routing on the Ex so they can react to a traceroute.



  • 3.  RE: UDP traceroutes not working

    Posted 07-22-2008 07:09

    I don't see any of the issues you mentionned on my EX.

    Try : monitor traffic interface ge-0/0/0  to see traffic punted to/coming from  the EX cpu. If you see your udp traceroute datagrams then it's not good. It means they are processed locally instead of switched to the next router.

    Upgrade to latest release.

    If you don't see any, then you must have some firewalling rules somewhere.



  • 4.  RE: UDP traceroutes not working

    Posted 07-22-2008 10:26
    Christien, thanks for your response! All I'm trying to achieve at the moment is to let a machine connected directly to an EX4200 to UDP traceroute at all. I'm fully aware that the switch itself won't show up. I've tried your suggestion of monitoring traffic on ports and see nothing, either entering the port the machine is connected to, or leaving the port to an upstream switch or server. I'm currently running 9.1R1.8, yet ICMP traceroutes work fine, but UDP traceroutes fail. 2 machines connected to a single switch, 192.168.0.135 (Linux, iptables isn't even installed) and 192.168.0.109 (Win2k3 server, firewall completely disabled). From the Linux machine I see this: # time traceroute -n 192.168.0.108 traceroute to 192.168.0.108 (192.168.0.108), 30 hops max, 38 byte packets 1 * * * 2 * * real 0m28.730s user 0m0.000s sys 0m0.000s # traceroute -n -I 192.168.0.108 traceroute to 192.168.0.108 (192.168.0.108), 30 hops max, 38 byte packets 1 192.168.0.108 0.112 ms 0.117 ms 0.125 ms All switch ports involved are purely ethernet-switching, and there is nothing in the switch config to do with firewalling/filtering. The switch does have this set: routing-options { static { route 0.0.0.0/0 next-hop 10.91.1.1; } } Where there is nothing at 10.91.1.1, but the switch is just switching not routing. Mike


  • 5.  RE: UDP traceroutes not working

    Posted 07-22-2008 10:28

    **bleep** newlines disappearing!

     

    Christien, thanks for your response!
    All I'm trying to achieve at the moment is to let a machine connected directly to an EX4200 to UDP traceroute at all. I'm fully aware that the switch itself won't show up.
    I've tried your suggestion of monitoring traffic on ports and see nothing, either entering the port the machine is connected to, or leaving the port to an upstream switch or server.
    I'm currently running 9.1R1.8, yet ICMP traceroutes work fine, but UDP traceroutes fail.

    2 machines connected to a single switch, 192.168.0.135 (Linux, iptables isn't even installed) and 192.168.0.109 (Win2k3 server, firewall completely disabled).
    From the Linux machine I see this:

    # time traceroute -n 192.168.0.108
    traceroute to 192.168.0.108 (192.168.0.108), 30 hops max, 38 byte packets
     1  * * *
     2  * *

    real    0m28.730s
    user    0m0.000s
    sys     0m0.000s

    # traceroute -n -I 192.168.0.108
    traceroute to 192.168.0.108 (192.168.0.108), 30 hops max, 38 byte packets
     1  192.168.0.108  0.112 ms  0.117 ms  0.125 ms

    All switch ports involved are purely ethernet-switching, and there is nothing in the switch config to do with firewalling/filtering.
    The switch does have this set:

    routing-options {
        static {
            route 0.0.0.0/0 next-hop 10.91.1.1;
        }
    }
    Where there is nothing at 10.91.1.1, but the switch is just switching not routing.

    Mike



  • 6.  RE: UDP traceroutes not working
    Best Answer

    Posted 07-23-2008 03:17

    OK, I'll admit it, I'm a moron! 🙂

    Turns out it's probably a faulty NIC. Another linux machine has no problem tracerouting anywhere in anyway, even to the faulty machine.

    Sorry for the noise.

     

    Mike